Senior Network Security Analyst

• Collaboration with the IDPS Network Security Engineering (policy development and tuning) team
• Analysing, reviewing and validating the quality and efficacy of IDPS policy alerting prior to ingestion into the SIEM logging pipeline
• Collaboration with the Global Cybersecurity Operations team SMEs to design and implement robust, accurate and high-fidelity SIEM event/alert triggers based on tuned IDPS policy alerts
• Produce and maintain documentation of all process to support the establishment of an enduring capability and to aid the Threat Detection Analyst event triage
• Perform gap analysis of the current baseline policy against the target policy and controls
• Provide consultation and subject matter expertise to the Cybersecurity teams as required
• Implement and maintain an effective KPI tracking process to demonstrate continued improvement and value in relation to the integration of IDPS alerting into the global SOC workflow
• Remain up to date on current cyber-threats and vulnerabilities, especially network related issues that could have a direct influence on IDPS policies, rules and signatures

• 3+ years’ experience working with Splunk and/or the Splunk Enterprise Security SIEM platform
• Experience working in an operational SOC and/or in developing cyber-threat detection rules / logic within a SIEM environment
• Knowledge and experience working with SOAR platforms e.g. Phantom or Splunk SOAR advantageous
• Demonstrable understanding of IDPS platforms and technologies (on-prem) (Knowledge of cloud native IDPS offerings advantageous)
• Knowledge and experience of working with WAF solutions (advantageous)
• Deep understanding of network protocols and traffic analysis: DNS/HTTP/SMB/FTP etc.
• Familiarity with regular expression and proficient in scripting skills like python (advantageous)
• Ability to build connections and work collaboratively across internal teams, external teams, and to proactively build successful and productive working relationships
• Willingness to continuously learn and share learnings with others

Technical cybersecurity qualifications e.g. SANS GCIA an advantage

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN)
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours
• Free parking